Homu 701adc38cb Auto merge of #4578 - therealyingtong:zip212-impl, r=str4d
ZIP212 implementation

Closes #4557.
(description by @ebfull, taken from #4575)

* The `SaplingNote` structure has a new enum called `zip212Enabled`. This
  member is private and reflects whether the note was or is being created
  using the derivation method of ZIP 212 (i.e., `BeforeZip212` or `AfterZip212`).
* The `SaplingNotePlaintext` structure has a new unsigned char member
  `leadbyte`. This member is private and contains the leading byte of the
  plaintext (e.g. `0x01`, `0x02`).
* The serialization of `SaplingNotePlaintext` sets `zip212Enabled` to
  `BeforeZip212` iff the serialized note plaintext version is not `0x01`.
* The `r`/`rcm` fields have been removed and replaced with a private field
  `rseed`. `SaplingNote` and `SaplingNotePlaintext` now have a helper method
  `rcm()` which returns the `rcm` either by deriving it with `rseed`
  (if `zip212Enabled` is `AfterZip212`) or returning `rseed` by interpreting
  `rseed` as `rcm`.
* All the methods of obtaining a `SaplingNote` account for these changes:
  - The `SaplingNote` constructor that is used by e.g. the transaction builder,
    and internally samples random `rcm`, now takes a `zip212Enabled` argument
    to decide whether to sample `rcm` the "old" way or the "new" way.
  - The bare constructor for `SaplingNote` is removed.
  - The other constructor which takes the raw contents of the note is only used
    in tests or in `Note.cpp`, but now also takes a `zip212Enabled` argument.
  - The other way of obtaining a note, by calling `SaplingNotePlaintext::note()`,
    has been adjusted.
* The `SaplingNotePlaintext` class now has a `generate_or_derive_esk()` method
  that either samples a random `esk` or derives it using the local `rseed`
  depending on the value of `leadbyte`.
* The encryption routine is modified to consult `generate_or_derive_esk()` and
  provide it to the note encryption object.
* The note encryption objects now take an optional `esk` as input and otherwise
  sample a random `esk` internally. This API functionality is preserved to allow
  for testing.
* The `SaplingNotePlaintext` decryption routines are modified:
  - The out and enc decryption routines now check that `epk` is consistent with
    the derived `esk`.
  - The out decryption routine for plaintexts also checks that `esk` is
    consistent with what is derived by the note.
* The miner and transaction builder consult the activation of Canopy when
  creating `SaplingNote`s.
* The consensus rules are modified so that shielded outputs (miner rewards)
  must have `v2` note plaintexts after Canopy has activated.
2020-07-09 00:29:07 +00:00
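
The lead-byte dispatch described in the commit message above, as an added Python sketch that is not zcashd's code. It assumes the ZIP 212 specification's derivations, which this page does not spell out: lead byte `0x02` marks a ZIP 212 plaintext, `rcm` and `esk` are `ToScalar(PRF^expand(rseed, [4]))` and `ToScalar(PRF^expand(rseed, [5]))`, and the helper names other than `rcm` and `generate_or_derive_esk` are hypothetical.

```python
import hashlib
import secrets

# Order of the Jubjub prime-order subgroup (r_J in the Zcash protocol spec).
R_J = 0x0E7DB4EA6533AFA906673B0101343B00A6682093CCC81082D0970E5ED6F72CB7
BEFORE_ZIP212, AFTER_ZIP212 = 0x01, 0x02  # note plaintext lead bytes


def prf_expand(seed: bytes, t: bytes) -> bytes:
    """PRF^expand from the spec: BLAKE2b-512 personalised "Zcash_ExpandSeed"."""
    return hashlib.blake2b(seed + t, digest_size=64,
                           person=b"Zcash_ExpandSeed").digest()


def to_scalar(data: bytes) -> int:
    """Little-endian integer reduced into the Jubjub scalar field."""
    return int.from_bytes(data, "little") % R_J


def check_leadbyte(leadbyte: int) -> None:
    if leadbyte not in (BEFORE_ZIP212, AFTER_ZIP212):
        raise ValueError(f"unknown note plaintext lead byte {leadbyte:#04x}")


def rcm(leadbyte: int, rseed: bytes) -> int:
    """Sketch of the rcm() helper: derive from rseed, or reinterpret it."""
    check_leadbyte(leadbyte)
    if leadbyte == AFTER_ZIP212:
        return to_scalar(prf_expand(rseed, b"\x04"))  # derived from rseed
    return int.from_bytes(rseed, "little")            # rseed *is* rcm


def generate_or_derive_esk(leadbyte: int, rseed: bytes) -> int:
    check_leadbyte(leadbyte)
    if leadbyte == AFTER_ZIP212:
        return to_scalar(prf_expand(rseed, b"\x05"))  # deterministic
    return to_scalar(secrets.token_bytes(64))         # freshly sampled


def out_esk_consistent(leadbyte: int, rseed: bytes, esk_from_out: int) -> bool:
    """Out-decryption check: recovered esk must match the note's own esk."""
    check_leadbyte(leadbyte)
    if leadbyte == BEFORE_ZIP212:
        return True  # esk was random, so there is nothing to compare against
    return esk_from_out == generate_or_derive_esk(leadbyte, rseed)
```

The `epk` consistency check from the commit message additionally needs a Jubjub scalar multiplication and is left out of this sketch.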
.cargo Redirect git checkouts of ebfull/ed25519-zebra through our vendored sources in offline mode. 2020-06-24 14:08:25 -06:00
.github Update documentation info 2020-04-12 15:27:09 +03:00
build-aux/m4 Fix typos 2020-04-17 17:46:15 +03:00
contrib make-release.py: Updated release notes and changelog for 3.0.0. 2020-05-22 11:48:24 -06:00
depends Remove bincode crate. 2020-06-23 15:38:59 -06:00
doc doc: Update release notes for `-debuglogfile` 2020-05-28 10:58:04 -03:00
qa Auto merge of #4578 - therealyingtong:zip212-impl, r=str4d 2020-07-09 00:29:07 +00:00
share [doc] Fix markdown 2019-12-17 12:18:50 -06:00
src Auto merge of #4578 - therealyingtong:zip212-impl, r=str4d 2020-07-09 00:29:07 +00:00
zcutil Auto merge of #4488 - oxarbitrage:issue4315, r=str4d 2020-05-28 04:01:05 +00:00
.gitattributes
.gitignore Move root of Rust crate into repo root 2020-03-06 16:49:03 +13:00
CONTRIBUTING.md
COPYING Update of copyright year to 2020 2019-12-27 17:58:48 +01:00
Cargo.lock Remove unused curve25519-dalek dev-dependency. 2020-06-23 16:29:51 -06:00
Cargo.toml Remove unused curve25519-dalek dev-dependency. 2020-06-23 16:29:51 -06:00
INSTALL Typo Fix 2019-08-21 11:17:21 -04:00
Makefile.am Add Rust resources to distribution tarball. 2020-04-20 13:44:06 -06:00
README.md make-release.py: Versioning changes for 3.0.0. 2020-05-22 11:46:19 -06:00
autogen.sh Replace http with https: in links to the MIT license. 2019-07-18 15:26:01 +01:00
code_of_conduct.md
configure.ac make-release.py: Versioning changes for 3.0.0. 2020-05-22 11:46:19 -06:00
libzcashconsensus.pc.in
responsible_disclosure.md
rust-toolchain depends: Use Rust 1.42.0 toolchain 2020-03-13 13:47:56 +13:00

README.md

Zcash 3.0.0

What is Zcash?

Zcash is an implementation of the "Zerocash" protocol. Based on Bitcoin's code, Zcash intends to offer a far higher standard of privacy through a sophisticated zero-knowledge proving scheme that preserves confidentiality of transaction metadata. More technical details are available in our Protocol Specification.

This software is the Zcash client. It downloads and stores the entire history of Zcash transactions; depending on the speed of your computer and network connection, the synchronization process could take a day or more once the blockchain has reached a significant size.

🔒 Security Warnings

See important security warnings on the Security Information page.

Zcash is experimental and a work in progress. Use it at your own risk.

📒 Deprecation Policy

This release is considered deprecated 16 weeks after the release day. There is an automatic deprecation shutdown feature which will halt the node some time after this 16-week period. The automatic feature is based on block height.

Getting Started

Please see our user guide for joining the main Zcash network.

Need Help?

  • 📘 See the documentation at the ReadTheDocs for help and more information.
  • 📨 Ask for help on the Zcash forum.
  • 💬 Chat with our support community on Discord.

Participation in the Zcash project is subject to a Code of Conduct.

Building

Build Zcash along with most dependencies from source by running the following command:

./zcutil/build.sh -j$(nproc)

Currently, Zcash is only officially supported on Debian and Ubuntu.

License

For license information see the file COPYING.